<?php
$loginErr = "";
include 'config.php';

if (isset($_POST['loginSubmit'])) {
	$userid = $_POST["userid"];
	$userpin = $_POST["userpin"];
	$con = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
	$query = "SELECT * FROM users WHERE userid = '$userid' AND userpin = '$userpin'";
	$result = mysqli_query($con, $query);
	if (mysqli_num_rows($result) > 0) {
		$_SESSION['userid'] = $userid;
		header('LOCATION: loggedin.php');
	} else {
		$loginErr = "wrong username or password";
	}
}
?>

<!DOCTYPE html>
<html>
	<head>
	<link rel="stylesheet" href="//ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css" />
<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script>
		<link href="css/styles.css" type="text/css" rel="stylesheet" />
	</head>
	<body>
	
		<div id=loginForm>	<img src="img/LEXIO.jpg" /><form id="login" action="index.php" method="post">
			<div>
				<label for="id">ID</label>
				<input type="text" name="userid" id="userid"/>
			</div>
			<div>	
				<label for="pin">PIN</label>
				<input type="text" name="userpin" id="userpin"/>
			</div>
		
					<button type="submit" id="loginSubmit" name="loginSubmit" class="btn">Log in
			</button>
		</form></div>
		<p class="error"><?php echo $loginErr; ?></p>
		<body>
</html>